Dual microphone voice authentication for mobile device

ABSTRACT

A method of authenticating a user of a mobile device having a first microphone and a second microphone, the method comprising receiving voice input from the user at the first and second microphones, determining a position of the user relative to the mobile device based on the voice input received by the first and second microphones, and authenticating the user based on the position of the user.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of foreign priority from EuropeanPatent Application Serial Number 12166146.6 filed Apr. 30, 2012.

TECHNICAL FIELD

The present technology relates generally to mobile devices and, inparticular, to voice authentication techniques for mobile devices.

BACKGROUND

Various user authentication technologies are known for restrictingaccess to a mobile device. These may include, for example, passwords,facial recognition, and voice authentication.

For voice authentication, the user speaks a word or phrase. The deviceanalyzes the frequency content of the voice signal to generate a voiceprint. The device compares this voice print against a pre-recorded voiceprint to assess whether the speaker is the authorized user of thedevice.

One security weakness of this voice authentication technology is that anunauthorized person may gain access to the device by playing a recordingof the user's voice. One improvement of the voice authenticationtechnique is to require the user to speak a password or passphrase whichthe user keeps secret. This makes it more difficult, but not impossible,for unauthorized users to gain access to the device. Accordingly,further security enhancements for voice authentication remain highlydesirable. One such improvement is disclosed in this specification.

BRIEF DESCRIPTION OF THE DRAWINGS

Further features and advantages of the present technology will becomeapparent from the following detailed description, taken in combinationwith the appended drawings, in which:

FIG. 1 is a depiction of a touch-screen computing tablet having dualmicrophones as one example of a mobile device on which the presenttechnology may be implemented, the depiction including a schematicdepiction of some main components of the device;

FIG. 2 depicts an example of a tablet having two spaced-apartmicrophones for receiving voice input from which the position of theuser relative to the device is determined;

FIG. 3 depicts an example of a tablet displaying a confirmation to theuser that an authentication zone has been set;

FIG. 4 depicts an example of a tablet displaying instructions to theuser for performing voice-based login;

FIG. 5 depicts an example of a tablet presenting an indication thataccess has been denied and requesting that the user provide new voiceinput in a different relative position;

FIG. 6 depicts an example of a tablet presenting an indication of theuser's relative position to the tablet when the attempted login failed;

FIG. 7 depicts an options page enabling selection of manual or automaticzone determination;

FIG. 8 is a flowchart depicting steps of a method of authenticating auser of a mobile device using stereo microphones to determine theposition of the user relative to the mobile device;

FIG. 9 is a flowchart depicting steps of a related method in which thedevice receives user input to define the authentication zone;

FIG. 10 is a flowchart depicting steps of a related method in which theauthentication zone is automatically determined based on multiple voiceinputs received over a period of time; and

FIG. 11 is a flowchart depicting steps of a further method in which thedevice determines if the position corresponds to the authentication zoneand, if not, requests further voice input at a new position.

It will be noted that throughout the appended drawings, like featuresare identified by like reference numerals.

DETAILED DESCRIPTION

The present technology provides a voice authentication technique thatauthenticates the user based on the position of the user relative to themobile device. The position of the user relative to the mobile device isdetermined using first and second microphones on the mobile device.

Accordingly, one aspect of the present technology is a method ofauthenticating a user of a mobile device having a first microphone and asecond microphone. The method entails receiving voice input from theuser at the first and second microphones, determining a position of theuser relative to the mobile device based on the voice input received bythe first and second microphones, and authenticating the user based onthe position of the user.

Another aspect of the present technology is a computer-readable mediumcomprising instructions in code which when loaded into a memory andexecuted by a processor of a mobile device cause the mobile device toreceive voice input from the user at the first and second microphones,determine a position of the user relative to the mobile device based onthe voice input received by the first and second microphones, andauthenticate the user based on the position off the user.

Another aspect of the present technology is a mobile device comprisingfirst and second microphones for receiving voice input from a user ofthe mobile device and a processor operatively coupled to a memory fordetermining a position of the user relative to the mobile device basedon the voice input received at the first and second microphones and forauthenticating the user based on the position of the user.

The details and particulars of these aspects of the technology will nowbe described below, by way of example, with reference to the drawings.

In general, the present technology enables a mobile device such as atouch-screen tablet to authenticate a user based on the position of theuser relative to the mobile device. The position of the user relative tothe mobile device is determined based on voice input received by twospaced-apart microphones on the mobile device. For the purposes of thisspecification, the “position” or “angle” of the speaker (or user) shallrefer to the relative position of the device and the user when the userspeaks a password or otherwise provides voice input to the device.

FIG. 1 is a depiction of a touch-screen tablet as one example of amobile device (or simply “device”), which is generally designated byreference numeral 100, that uses two onboard microphones 180 toauthenticate a user based on the user's position relative to the device100 when the user provides voice input to the device's authenticationsystem. This tablet may be a touch-screen computing tablet having atleast two spaced-apart microphones as illustrated by way of example orany other portable computing device having two or more microphones suchas, for example, cell phones, smart phones, satellite phones, personaldigital assistants (PDA's), laptops, palmtops, notebooks, handheldelectronic gaming devices, or any other portable or handheld electronicdevices that include two or more microphones.

The device 100 includes a processor (or microprocessor) 110 and memory120, 130 for executing one or more applications such as a voiceauthentication application or a speech recognition application.

As depicted by way of example in FIG. 1, the memory may include flashmemory 120 and/or random access memory (RAM) 130 for storing one or moreapplications for voice-based authentication. The memory may also storedata including a voice print of the registered (authorized) user of thedevice. Other types or forms of memory may be substituted or used.

As depicted by way of example in FIG. 1, the device 100 includes a userinterface 140 for interacting with the mobile device and anyapplications running on the device, such as, for example, the voiceauthentication application. The user interface 140 may include one ormore input/output devices, such as a display screen 150 (e.g. an LCD orLED screen or touch-sensitive display screen), and a keyboard or keypad155. The user interface may also include an optical jog pad 160 and/or athumbwheel, trackball, track pad or equivalent.

As depicted by way of example in FIG. 1, the device 100 may optionallyinclude a transceiver 170 for communicating with other devices. Thetransceiver 170 may be a radiofrequency (RF) transceiver for wirelesslycommunicating with one or more base stations over a cellular wirelessnetwork using cellular communication protocols and standards for bothvoice calls and packetized data transfer such as GSM, CDMA, GPRS, EDGE,UMTS, LTE, etc. The present technology may be used on a device that doesnot have a transceiver.

The mobile device 100 may optionally include a Subscriber IdentityModule (SIM) card 112 for GSM-type devices or a Re-Usable IdentificationModule (RUIM) card for CDMA-type devices. The RF transceiver 170 mayinclude separate voice and data channels.

The mobile device 100 optionally includes a speech-recognition subsystemfor transforming voice input received by the dual microphones 180 in theform of sound waves into electrical signals and then converting theanalog signals into digital signals that constitute voice input data.This voice input data is then processed by a speech-recognition module(digital signal processor) to determine keywords or phrases from thevoice input.

Optionally, the mobile device 100 may include one or more speakers 182and/or one or more earphone jacks.

The device may optionally include a positioning subsystem(position-determining subsystem) such as a Global Positioning System(GPS) receiver 190 or any other global navigation satellite system(GNSS). Other position-determining subsystems may be include a WPS(Wi-Fi Positioning System), a radiolocation subsystem that determinesits current location using radiolocation techniques using triangulationof signals from in-range base towers, such as used for Wireless E911.Other location-determining subsystems may involve, for example,techniques based on the identity of the closest base station tower ortechniques involving obtaining information stored in a home locationregister (HLR) or visitor location register (VLR).

Optionally, the mobile device 100 may include a Wi-Fi™ transceiver 192,a Bluetooth® transceiver 194, and/or a near-field communications (NFC)chip. The mobile device 100 may also optionally include a transceiverfor WiMax™ (IEEE 802.16), a transceiver for ZigBee® (IEEE 802.15.4-2003or other wireless personal area networks), an infrared transceiver or anultra-wideband transceiver.

Optionally, the mobile device may include other sensors like a digitalcompass 196 and/or a tilt sensor or accelerometer 198.

A tablet having dual (stereo) microphones 180 is presented by way ofexample in FIG. 2. This tablet includes a touch-sensitive display 150for providing a graphical user interface and for receiving touch input.A pair of stereo speakers 182 may be provided as shown in FIG. 2. Themicrophones and speakers may be located in any other suitable locationon the device. In another implementation, the device may have three ormore microphones. The plurality of microphones may be identical or, in avariant, the microphones may be different.

As depicted by way of example in FIG. 2, the first and secondmicrophones 180 detect a voice signal emanating from the speaker (user).Based on the time difference of arrival (TDOA), the distance between themicrophones and the speed of sound, the processor computes the position(i.e. angle) of the user when the sound waves of the voice input leftthe speaker's mouth. The device may be configured to filter out allambient background noise and then to process the voice input datareceived at the first and second microphones 180 to determine (based onthe time difference of arrival) the angle or position from which thevoice input was provided. The authentication process may also involvethe comparison of the voice input data with a pre-recorded voice printof the authorized user.

To implement this novel voice authentication technology, the processor110 is operatively coupled to the memory 120, 130 of the device toreceive voice data signals from the first and second microphones 180from which the processor (or a voice authentication application beingexecuted by the processor) determines a position of the user when thevoice input was provided. The processor (or the voice authenticationapplication) determines if the position corresponds to an authenticationzone. If the position does correspond to the authentication zone, theuser is authenticated. If the position does not correspond to theauthentication zone, the authentication fails. Optionally, the deviceindicates to the user that the authentication has failed. In onespecific implementation, the device displays a message to the user thatthe authentication has failed because the location or position of theuser relative to the device when the voice input was provided wasincorrect or did not correspond to the authentication zone.

Operation of this novel technology will now be described with referenceto the examples depicted in FIGS. 3-6. These examples illustrate how auser may set an authentication zone, how the user can then beauthenticated using two spaced-apart microphones (i.e. stereomicrophones or a microphone array) to determine the position of the userrelative to the device and also what transpires when authenticationfails and has to be retried.

As shown by way of example in FIG. 3, the user creates an authenticationzone either manually or automatically. In the former case, the userinteracts with the tablet 100 to select an authentication zone. This maybe done by providing user input via the user interface to request thatthe device display possible predetermined authentication zones. In theexample of FIG. 3, the authentication zones are presented as angularsectors surrounding the device. Other geometries or arrangements may beemployed, such as for example, quadrants. The user manually selects anauthentication zone, for example by touching the authentication zone orby typing a number, letter or code corresponding to the desiredauthentication zone. As will be appreciated, the geometry, size andshape of the authentication zones may be user-reconfigurable. This wouldenable the user to select broad zones or narrow zones or to change thetype of authentication zone (e.g. from angular sectors to quadrants orvice versa).

Automatic creation of authentication zones is also possible, and will bedescribed in greater detail below with regard to FIG. 7.

Once the authentication zone has been defined, the device is ready forposition-based voice authentication. Position-based voice authenticationmay be disabled or enabled by the user. The position-based voiceauthentication may be automatically enabled based on certainpredetermined conditions such as based on location and/or time. Withposition-based voice authentication, the device only grants access ifthe user provides voice input from the correct angle (i.e. in thecorrect position relative to the device).

As shown by way of example in FIG. 4, the device may optionally provideinstructions to the user to provide voice input in the authenticationzone. In lieu of textual instructions, the device may provide anotherform of signal, e.g. a LED might light up or blink, an audible sound maybe played, or a symbol or icon displaced on the main login screen. Inanother implementation, these login instructions may be absent,requiring the user to know implicitly that the device is expecting thisform of input. In response to voice input, the device then performs itsanalysis of the angle of the voice providing the voice input. This isreferred to herein either as position-dependent voice authentication oras angle-based voice authentication. If the user speaks the correctpassword or passphrase with the device angled or positioned correctlysuch that this angle or position corresponds with the authenticationzone, the device grants access. In other words, the device will grantaccess if the angle of the voice lies within a prescribed angular range,i.e. if the position of the user relative to the device lies within theauthentication zone.

FIG. 5 depicts an example in which access is denied by the device. Inthis example, the voice input is identified as belonging to theauthorized user of the device (by matching voice prints) but the userwas not in the correct position relative to the device when the voiceinput was provided. This illustrates how this novel technology providesa second layer of authentication to require not only voiceidentification and optionally also password matching but also furtherauthentication contingent on the user being in the right positionrelative to the device. For example, the device may require that thevoice input be provided at an angle of 30-40 degrees to the left, or 90degrees from the right, etc. Angles may be expressed in terms of anangular range (e.g. 20-35 degrees) or an angle with an angular tolerance(i.e. 45 degrees+/−5 degrees).

In one implementation, the device may require multiple voice inputs fromsequentially different positions to provide even greater security. Forexample, the user may be required to provide first voice input from afirst position and then second voice input from a second position. Aswill be appreciated, this may be extrapolated to a sequence of three ormore voice inputs for an even more complex (and more secure) login andauthentication process.

In a variant, the first voice input may require a different password orpassphrase than the second password or passphrase. In other words, inthis variant, the device requires that the user provide first voiceinput by speaking a first password at a first position relative to thedevice. If this input is authenticated, then the device requires thatthe user provide second voice input by speaking a second password orpassphrase (that is different from the first password or passphrase) ata second position (that is different from the first position). If thissecond input is authenticated, then the device grants access to theuser.

FIG. 6 depicts an example in which the tablet provides visual feedbackto the user whose authentication has failed. In this example, the tabletmay indicate visually the login position or authentication zonecorresponding to the user's failed input. This informs the user that theinput was not provided from the right place and furthermore indicatesthe zone from which the input was provided. This enables the user toadjust or refine his or her relative position by moving to a newposition (or by moving the device relative to the user). For thepurposes of this specification, it is to be understood that referencesto a position mean the relative position, and that a new position of theuser can be provided by moving the device relative to the user which isgenerally easier than physically moving relative to a stationary device.In a variant, the device may display the attempted login position inother ways. For example, the device may display a generally circularflower with a number of petals representing angular sectors. The flowerpetal that corresponds to the attempted login position may be coloured,highlighted, shaded or otherwise visually emphasized to show the userwhere he provided his input. This flower representation is a moreuser-friendly way of representing the angular sectors to the user tothereby guide the user when providing new input. In a variant, the usermay select from a list of preset graphical representations that mightinclude, for example, a simple circle divided into angular sectors, aflower with petals, a wheel with spokes, a pie with pie slices, etc.

Automatic setting of the authentication zone is another way of definingthe authentication zone within which voice input will be considered tobe valid. FIG. 7 depicts an example of an options page (which may be inthe form of a settings and configurations screen, window, dialog, etc.)The user may thereby configure the device to either accept manualsetting of the authentication zone or to perform an automatic setting ofthe authentication zone. Unlike the manual approach, which was describedearlier, the automatic setting of the authentication zone may be done bycollecting voice inputs over a predetermined period of time in order todetermine usage patterns from which the authentication zone may becomputed.

The present technology furthermore enables new methods of authenticatinga user. In general, as depicted by way of example in FIG. 8, a method ofauthenticating a user of a mobile device having a first microphone and asecond microphone entails a step 300 of receiving voice input from theuser at the first and second microphones, a step 310 of determining aposition of the user relative to the mobile device based on the voiceinput received by the first and second microphones, and a step 320 ofauthenticating the user based on the position of the user.

In one implementation of the method, the step of determining theposition comprises computing a time difference of arrival (TDOA) for thevoice input received at the first and second microphones. This enablesthe angle or position of the speaker to be computed geometrically basedon the speed of sound (rate of propagation of the voice from the user'smouth to the device) and based on the distance between the first andsecond microphones.

In one implementation, depicted in FIG. 9, the method further comprisesa step 400 of receiving user input to define an authentication zonewithin which the voice input will be authenticated. The user input maybe touch-screen input or any other form of user input (mouse input,keyboard input, trackpad input, voice command, etc) to specify theauthentication zone. In one specific implementation, the areasurrounding the device is divided into angular sectors. The user canthen select one of the angular sectors as being the authentication zone.In a variant, the user may select multiple adjoining or evennon-adjoining sectors to constitute the authentication zone or zones.

As further depicted in FIG. 9, the method further comprises a step 410of displaying the authentication zone that has been defined by the user.Once the user has defined the authentication zone, the device displaysthe authentication zone. For example, this may be done by presenting anangular sector that represents the authentication zone with apredetermined or user-specified graphical indicator (color, shading,label, symbol, etc). In one example implementation, the authenticationzone is displayed automatically and for a predetermined period of timeon the screen of the device after the user has defined theauthentication zone. The authentication zone may be presented, forexample, for a predetermined time (e.g. 2 seconds, 5 seconds, 10seconds, etc.) after the user defines the zone or until user input isreceived to cause the zone to disappear. The display of theauthentication zone may be within a small window that appears and thendisappears without occupying the full screen.

As depicted in FIG. 10, the method of automatically setting theauthentication zone comprises a step 500 of receiving multiple voiceinputs over a predetermined period of time, a step 510 of determining anaverage authentication position, a step 520 of automatically definingthe authentication zone, and a step 530 of displaying the authenticationzone to the user. Automatic determination of the authentication zonethus involves the user providing voice input to the device over aprescribed period of time. This may be done in a training mode wherebythe user enters the training mode and then provides a series of voiceinput samples to the device. Alternatively, this may be done bycollecting voice input during normal usage of the device (i.e. when theuser provides everyday voice commands to the device). Alternatively,this may be done by collecting the voice input only when voice input isprovided in the context of logging into the device. A sliding samplewindow may be used to use only the last N samples. In a variant, thedevice may be configured to use all samples ever collected or allsamples since a certain event, e.g. since reboot, since turning on thedevice, since a certain date, etc. Regardless of the sample size andsampling period, the multiple voice input samples are collected andanalyzed to determine the average position. The average position is usedby the device to determine the authentication zone. This is displayed tothe user to inform the user so that the user knows what authenticationzone has been set.

FIG. 11 depicts a flowchart of a related method of notifying the userthat authentication has failed and new input is required. This methodcomprises a step 600 of determining if the position of the user speakingthe password or passphrase corresponds to the authentication zone. Atstep 610, the device, in response to determining that the position ofthe user does not match an authentication zone, displays an indicationthat a zone corresponding to the position of the user when the voiceinput was received does not match the authentication zone to therebyguide the user to provide further voice input in a new position relativeto the mobile device. If the device fails to authenticate the userbecause the voice is not emanating from the correct position, then thedevice may indicate that the user should try again from a new positionrelative to the device. In other words, the device requests furthervoice input at step 620. This will require the user to displace thedevice (or the user moving relative to the device) and then speaking thepassword or passphrase again. In other words, at step 630, the devicereceives the further voice input 630 and once again determines if theuser is within the authentication zone.

In a variant, the authentication system and method of authenticating theuser may include multi-factor authentication, requiring voice input andanother form of input, e.g. a password, token, fingerprint, retina scan,facial recognition, etc. The authentication of the user may be donebased on the voice print of the voice input or it may also be based on apassword or passphrase. In the former case, the device merely seeks toestablish that the speaker's voice indeed matches the voice of theauthorized user of the device. In the latter case, the device furtherascertains that the password or passphrase is correct. In other words,in one specific implementation, the device first determines if the voicebelongs to the authorized user. If so, the device then determines if thepassword or passphrase is correct. If so, the device then determines ifthe angle or position of the user's voice lies within the correctauthentication zone. Further authentication requirements may be added,including for example digital fingerprint, facial recognition, etc.

Although the foregoing authentication technology is primarily intendedin the context of login, this may be applied to selectively grant accessto any restricted data, file, application, drive or memory partition.For example, the user may encrypt a file or a drive. Access may begranted by the device only if the user speaks the correct password fromwithin the correct authentication zone.

Any of the methods disclosed herein may be implemented in hardware,software, firmware or any combination thereof. Where implemented assoftware, the method steps, acts or operations may be programmed orcoded as computer-readable instructions and recorded electronically,magnetically or optically on a fixed or non-transitory computer-readablemedium, computer-readable memory, machine-readable memory or computerprogram product. In other words, the computer-readable memory orcomputer-readable medium comprises instructions in code which whenloaded into a memory and executed on a processor of a computing devicecause the computing device to perform one or more of the foregoingmethod(s).

A computer-readable medium can be any means that contain, store,communicate, propagate or transport the program for use by or inconnection with the instruction execution system, apparatus or device.The computer-readable medium may be electronic, magnetic, optical,electromagnetic, infrared or any semiconductor system or device. Forexample, computer executable code to perform the methods disclosedherein may be tangibly recorded on a computer-readable medium including,but not limited to, a floppy-disk, a CD-ROM, a DVD, RAM, ROM, EPROM,Flash Memory or any suitable memory card, etc. The method may also beimplemented in hardware. A hardware implementation might employ discretelogic circuits having logic gates for implementing logic functions ondata signals, an application-specific integrated circuit (ASIC) havingappropriate combinational logic gates, a programmable gate array (PGA),a field programmable gate array (FPGA), etc.

This invention has been described in terms of specific embodiments,implementations and configurations which are intended to be exemplaryonly. Persons of ordinary skill in the art will appreciate, having readthis disclosure, that many obvious variations, modifications andrefinements may be made without departing from the inventive concept(s)presented herein. The scope of the exclusive right sought by theApplicant(s) is therefore intended to be limited solely by the appendedclaims.

The invention claimed is:
 1. A method of authenticating a user of amobile device having a first microphone and a second microphone, themethod comprising: receiving voice input from the user at the first andsecond microphones; determining a position of the user relative to themobile device based on the voice input received by the first and secondmicrophones; and authenticating the user based on the position of theuser.
 2. The method as claimed in claim 1 wherein determining theposition comprises computing a time-of-arrival difference for the voiceinput received at the first and second microphones.
 3. The method asclaimed in claim 1 further comprising receiving user input to define anauthentication zone within which the voice input will be authenticated.4. The method as claimed in claim 3 further comprising displaying theauthentication zone that has been defined by the user.
 5. The method asclaimed in claim 3 further comprising: receiving multiple voice inputsover a predetermined period of time; determining an averageauthentication position; automatically defining the authentication zone;and displaying the authentication zone to the user.
 6. The method asclaimed in claim 1 further comprising, in response to the mobile devicedetermining that the position of the user does not match anauthentication zone, displaying an indication that a zone correspondingto the position of the user when the voice input was received does notmatch the authentication zone to thereby guide the user to providefurther voice input in a new position relative to the mobile device. 7.A non-transitory computer-readable medium comprising instructions incode which when loaded into a memory and executed by a processor of amobile device cause the mobile device to perform acts of: receivingvoice input from the user at the first and second microphones;determining a position of the user relative to the mobile device basedon the voice input received by the first and second microphones; andauthenticating the user based on the position of the user.
 8. Thecomputer-readable medium as claimed in claim 7 wherein determining theposition comprises computing a time-of-arrival difference for the voiceinput received at the first and second microphones.
 9. Thecomputer-readable medium as claimed in claim 7 further comprisingreceiving user input to define an authentication zone within which thevoice input will be authenticated.
 10. The computer-readable medium asclaimed in claim 9 further comprising displaying the authentication zonethat has been defined by the user.
 11. The computer-readable medium asclaimed in claim 9 further comprising code for further causing thedevice to perform acts of: receiving multiple voice inputs over apredetermined period of time; determining an average authenticationposition; automatically defining the authentication zone; and displayingthe authentication zone to the user.
 12. The computer-readable medium asclaimed in claim 7 further comprising, in response to the mobile devicedetermining that the position of the user does not match anauthentication zone, displaying an indication that a zone correspondingto the position of the user when the voice input was received does notmatch the authentication zone to thereby guide the user to providefurther voice input in a new position relative to the mobile device. 13.A mobile device comprising: first and second microphones for receivingvoice input from a user of the mobile device; and a processoroperatively coupled to a memory for determining a position of the userrelative to the mobile device based on the voice input received at thefirst and second microphones and for authenticating the user based onthe position of the user.
 14. The mobile device as claimed in claim 13wherein the processor is configured to compute a time-of-arrivaldifference for the voice input received at the first and secondmicrophones.
 15. The mobile device as claimed in claim 13 comprising auser input device for receiving user input to define an authenticationzone within which the voice input will be authenticated.
 16. The mobiledevice as claimed in claim 13 comprising a display for displaying theauthentication zone that has been defined by the user.
 17. The mobiledevice as claimed in claim 13 wherein the processor is configured todetermine an average authentication position based on multiple voiceinputs received over a predetermined period of time, to automaticallydefine the authentication zone based on the average authenticationposition, and to display the authentication zone to the user.
 18. Themobile device as claimed in claim 13 wherein the processor is configuredto determine if the position matches an authentication zone and, inresponse to the processor determining that the position of the user doesnot match an authentication zone, causes a display of the mobile deviceto present an indication that a zone corresponding to the position ofthe user when the voice input was received does not match theauthentication zone to thereby guide the user to provide further voiceinput in a new position relative to the mobile device.